Security should be one of the top things to check on your Router Firewall. Consider that the U.S., Britain, and Australian government have recently accused the Russian government of maliciously targeting global internet equipment (home routers) for political and economic espionage. Firmware/software updates to your equipment can help to secure your network.
Back in the day you could get by with your router simply by restarting it once in a while, now it is more like a computer where updates have become very important. The warnings coming from government sources emphasize how important it is to keep your Router Firewall up to date to improve security.
Some news links regarding this recent topic of Router Firewall security:
San Jose Mercury News (4/16/18) – US says Russia targets internet routers for espionage
Ars Technica (4/16/18) – Russian hackers mass-expoit routers in homes, govs, and infrastructure
Chances are your Router Firewall needs to be checked up on. When was the last time you logged into your router to see what is going on? Did you know some simple maintenance on your router could improve your Internet performance?
We have been servicing home routers since they were invented, and we often find that these devices are the most neglected even though it is the single most important thing linking you to the Internet. Consider a good Router Firewall an important investment in your network. Also, consider updating it and checking in on it just like your computer at least once a month. The benefits could be better security and performance.
What to do?
- Determine whether you have a good router (Can it be patched?, Does it offer the speeds you require?)
- Check your router for updates asap, and make sure they complete successfully
- Check your Firewall settings
- Check that you are not using the Default Password on your router firewall
- Disable all uPnP on all devices
- Check your Router Firewall logs
*Note: The suggestions I make above may require a qualified technician.
If you have a question about your router or firewall model just ask us.
1) From US-CERT United States Computer Emergency Readiness Team
Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices
Network Devices—Often Easy Targets
- Network devices are often easy targets. Once installed, many network devices are not maintained at the same security level as other general-purpose desktops and servers. The following factors can also contribute to the vulnerability of network devices:
- Few network devices—especially SOHO and residential-class routers—run antivirus, integrity-maintenance, and other security tools that help protect general purpose hosts.
- Manufacturers build and distribute these network devices with exploitable services, which are enabled for ease of installation, operation, and maintenance.
- Owners and operators of network devices do not change vendor default settings, harden them for operations, or perform regular patching.
- ISPs do not replace equipment on a customer’s property when that equipment is no longer supported by the manufacturer or vendor.
- Owners and operators often overlook network devices when they investigate, examine for intruders, and restore general-purpose hosts after cyber intrusions.
Stage 1: Reconnaissance
Russian state-sponsored cyber actors have conducted both broad-scale and targeted scanning of Internet address spaces. Such scanning allows these actors to identify enabled Internet-facing ports and services, conduct device fingerprinting, and discover vulnerable network infrastructure devices.